Coming soon to Microsoft Purview Insider Risk Management, now rolling out to Public Preview in the Worldwide Commercial Cloud:
- Simplification of the policy wizard steps
- Introducing Quick Policies
- New “Risky browser usage” policy template to identify potential security incidents
This message is associated with Microsoft 365 Roadmap IDs 93356, 93357, and 82144.
Updates are being made to the Insider Risk Management policy wizard. We are splitting our Indicators step of the wizard into two steps (step 1- indicators, step 2- sequence detection, cumulative exfiltration detection, and risk score boosters) to enable an easier experience. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
Get started quickly with Insider Risk Management Quick Policies. We are further enhancing our onboarding experience with an easy one-step to policy creation: from the analytics insights or the “Create your first policy” Recommended Actions task, administrators can now easily create a policy with just a couple clicks. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
Leverage risky browsing activity on known hacking, malware, keylogger, and other risky websites to identify security policy violations by insiders. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
When this will happen
Rollout began in July and is expected to be done by mid-August.
How this will affect your organization
Simplification of the policy wizard steps:
Within the policy wizard, the “Indicators” step will now be split into two steps, which will include (A) Select Indicators, and (B) Select Detection options, which includes sequence detection, cumulative exfiltration detection, and risk score boosters.
Introducing Quick Policies:
Easy one-step policy creation option to help streamline your onboarding experience. From the solutions page, admins can now create a policy with just a couple clicks directly from the Analytics insights section or from the Recommended Actions task “Create your first policy”.
New “Risky browser usage” policy template to identify potential security incidents:
This new policy template allows admins to define, identify and detect high risk browsing actions that may result in a security or compliance incident. These policies help organizations detect risky browsing actions based on specific high-risk website categories, such as malware, keylogging, and hacking websites. Insider Risk Management is built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
What you need to do to prepare
Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage and security violations. Insider Risk Management enables customers to create policies that help to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
Access the Insider Risk Management solution in the Microsoft Purview compliance portal for WW cloud environments.
Learn more
- Learn more: Investigate insider risk management activities
- Learn more about indicators in Insider Risk Management: Insider risk management settings
- Learn about and configure insider risk management browser signal detection
- Insider risk management
Message ID: MC409858
Published: 05 August 2022
Updated: 05 August 2022
Platform: World tenant, Online